CCNP 642-811 BCMSN Exam Certification Guide, Second Edition (Part 2)


1-58720-077-5.book Page 30 Tuesday, August 19, 2003 3:16 PM

Chapter 1: Campus Network Overview

Q&A

The questions and scenarios in this book are more difficult than what you should experience on the actual exam. The questions do not attempt to cover more breadth or depth than the exam; however, they are designed to make sure that you know the answer. Rather than allowing you to derive the answers from clues hidden inside the questions themselves, the questions challenge your understanding and recall of the subject. Hopefully, these questions will help limit the number of exam questions on which you narrow your choices to two options and then guess.

You can find the answers to these questions in Appendix A.

1. For each layer of the OSI model, match the forwarding criteria used by a switch:
   _ Layer     A. IP address
   _ Layer     B. UDP/TCP port
   _ Layer     C. None
   _ Layer     D. MAC address
2. What is multilayer switching (MLS)?
3. Fill in the blanks in the following statement: In the 20/80 rule of networking, 20 percent of the traffic on a segment usually stays _ while 80 percent travels _.
4. What is a collision domain, and where does it exist in a switched LAN?
5. What is a broadcast domain, and where does it exist in a switched LAN?
6. What is a VLAN, and why is it used?
7. At what OSI Layer(s) do devices in the distribution layer usually operate?
8. What is network segmentation? When is it necessary, and how is it done in a campus network design?
9. Is it possible to use Layer switches in the distribution layer, rather than Layer switches? If so, what are the limitations?
10. Which of the following Cisco switch products should be used in a campus network’s distribution layer? (Check all that apply.)
    a. Catalyst 2950
    b. Catalyst 3550 (SMI)
    c. Catalyst 3550 (EMI)
    d. Catalyst 4000/4500
    e. Catalyst 6500
11. When might you select a Catalyst 4000 to use in a wiring closet? What attributes make it a good choice?
12. Which Cisco switch family has the most scalable performance?

This chapter covers the following topics that you need to master for the CCNP BCMSN exam:

- Modular Network Design—This section covers the process of designing a campus network, based on breaking it into functional modules.
- Sizing the Modules in a Network—You also learn how to size and scale the modules in a design.

Chapter 2: Modular Network Design

This chapter presents a set of building blocks that can organize and streamline even a large, complex campus network. These building blocks can then be placed using several campus design models to provide maximum efficiency, functionality, and scalability.

“Do I Know This Already?” Quiz

The “Do I Know This Already?” quiz’s purpose is to help you decide if you need to read the entire chapter. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now.

The 12-question quiz, derived from the major sections in the “Foundation Topics” portion of the chapter, helps you determine how to spend your limited study time.

Table 2-1 outlines the major topics discussed in this chapter and the “Do I Know This Already?” quiz questions that correspond to those topics.

Table 2-1 “Do I Know This Already?” Foundation Topics Section-to-Question Mapping

Foundation Topics Section        Questions Covered in This Section
Modular Network Design           1–12

CAUTION: The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark this question wrong. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.

1. What is the purpose of breaking a campus
network down into a hierarchical design?
    a. To facilitate documentation
    b. To follow political or organizational policies
    c. To make the network predictable and scalable
    d. To make the network more redundant and secure
2. Which of the following are building blocks or modules used to build a scalable campus network? (Check all that apply.)
    a. Access block
    b. Distribution block
    c. Core block
    d. Server farm block
    e. Switch block
3. What are the components of a typical switch block?
    a. Access layer switches
    b. Distribution layer switches
    c. Core layer switches
    d. E-commerce servers
    e. Service provider switches
4. What are two types of core, or backbone, designs?
    a. Collapsed core
    b. Loop-free core
    c. Dual core
    d. Layered core
5. In a properly designed hierarchical network, a broadcast from one PC will be confined to what?
    a. One access layer switch port
    b. One access layer switch
    c. One switch block
    d. The entire campus network
6. What is the maximum number of access layer switches that can connect into a single distribution layer switch?
    a.
    b.
    c. Limited only by the number of ports on the access layer switch
    d. Limited only by the number of ports on the distribution switch
    e. Unlimited
7. A switch block should be sized according to what?
    a. The number of access layer users
    b. A maximum of 250 access layer users
    c. A study of the traffic patterns and flows
    d. The amount of rack space available
    e. The number of servers accessed by users
8. What evidence can be seen when a switch block is too large? (Choose all that apply.)
    a. IP address space is exhausted
    b. You run out of access layer switch ports
    c. Broadcast traffic becomes excessive
    d. Traffic is throttled at the distribution layer switches
    e. Network congestion occurs
9. How many distribution switches should be built into each switch block?
    a.   b.   c.   d.
10. What are the most important aspects to consider when designing the core layer in a large network? (Choose all that apply.)
    a. Low cost
    b. Switches that can efficiently forward traffic, even when every uplink is at 100 percent capacity
    c. High port density of high-speed ports
    d. A low number of Layer routing peers
11. Which services are typically located at the enterprise edge block? (Choose all that apply.)
    a. Network management
    b. Intranet server farms
    c. VPN and remote access
    d. E-commerce servers
    e. End users
12. In a server farm block, where should redundancy be provided? (Choose all that apply.)
    a. Dual connections from each distribution switch to the core
    b. Dual connections from each access switch to the distribution switches
    c. Dual connections from each server to the access switches
    d. No redundancy is necessary

You can find the answers to the quiz in Appendix A, “Answers to Chapter ‘Do I Know This Already?’ Quizzes and Q&A Sections.” The suggested choices for your next step are as follows:

- or less overall score—Read the entire chapter. This includes the “Foundation Topics,” “Foundation Summary,” and “Q&A” sections.
- 7–9 overall score—Begin with the “Foundation Summary” section and then follow up with the “Q&A” section at the end of the chapter.
- 10 or more overall score—If you want more review on these topics, skip to the “Foundation Summary” section and then go to the “Q&A” section at the end of the chapter. Otherwise, move on to Chapter 3, “Switch Operation.”

Foundation Topics

Modular Network Design

Recall from Chapter that a network is best constructed and maintained using a three-tiered hierarchical approach. Taking a given network and making it conform to a layered architecture might seem a little confusing.

You can design a campus network in a logical manner, using a
modular approach. In this approach, each layer of the hierarchical network model can be broken down into basic functional units. These units, or modules, can then be sized appropriately and connected together, while allowing for future scalability and expansion.

You can divide enterprise campus networks into the following basic elements:

- Switch block—A group of access layer switches together with their distribution switches
- Core block—The campus network’s backbone

Other related elements can exist. Although these elements don’t contribute to the campus network’s overall function, they can be designed separately and added to the network design. These elements are as follows:

- Server Farm block—A group of enterprise servers along with their access and distribution (layer) switches
- Management block—A group of network management resources along with their access and distribution switches
- Enterprise Edge block—A collection of services related to external network access, along with their access and distribution switches
- Service Provider Edge block—The external network services contracted or used by the enterprise network; these are the services with which the enterprise edge block interfaces

The collection of all these elements is also known as the enterprise composite network model. Figure 2-1 shows a modular campus design’s basic structure. Notice how each of the building-block elements can be confined to a certain area or function. Also notice how each is connected into the core block.

[Figure 2-1: Modular Approach to Campus Network Design. Labeled elements: Building A through Building Z, Switch Blocks, Core Block, Server Farm Block, Management Block, Enterprise Edge Block, Service Provider Edge Blocks]

The Switch Block

Recall how a campus network is divided into access, distribution, and core layers. The switch block contains switching devices from the access and
distribution layers. All switch blocks then connect into the core block, providing end-to-end connectivity across the campus.

Switch blocks contain a balanced mix of Layer and Layer functionality, as might be present in the access and distribution layers. Layer switches located in wiring closets (access layer) connect end users to the campus network. With one end user per switch port, each user receives dedicated bandwidth access.

Upstream, each access layer switch connects to devices in the distribution layer. Here, Layer functionality transports data between all connected access switches at a central connection point. Layer functionality can also be provided in the form of routing and other networking services (security, quality of service (QoS), and so on). Therefore, a distribution layer device should be a multilayer switch. Layer functionality is discussed in more detail in Chapter 13, “Multilayer Switching.”

The distribution layer also shields the switch block from certain failures or conditions in other parts of the network. For example, broadcasts will not be propagated from the switch block into the core and other switch blocks. Therefore, the Spanning Tree Protocol (STP) will be confined to each switch block, where a virtual LAN (VLAN) is bounded, keeping the spanning tree domain well defined and controlled.

Access layer switches can support VLANs by assigning individual ports to specific VLAN numbers. In this way, stations connected to the ports configured for the same VLAN can also share the same Layer subnet. However, be aware that a single VLAN can support multiple subnets. Because the switch ports are configured for a VLAN number only (and not a network address), any station connected to a port can present any subnet address range. The VLAN functions as traditional network media and allows any network address to connect.

In this network design model, you should not extend VLANs
beyond distribution switches. The distribution layer should always be the boundary of VLANs, subnets, and broadcasts. Although Layer switches can extend VLANs to other switches and other layers of the hierarchy, this activity is discouraged. VLAN traffic should not traverse the network core. (Trunking, or the capability to carry many VLANs over a single connection, is discussed in Chapter 6, “VLANs and Trunks.”)

Sizing a Switch Block

Containing access and distribution layer devices, the switch block is simple in concept. You should consider several factors, however, to determine an appropriate size for the switch block. The range of available switch devices makes the switch block size very flexible. At the access layer, switch selection is usually based on port density or the number of connected users.

Chapter 3: Switch Operation

Table 3-3 Switching Table Commands

Task: Set the CAM table aging time
Command Syntax: mac address-table aging-time seconds

Task: Configure a static CAM entry
Command Syntax: mac address-table static mac-address vlan vlan-id interface type mod/num

Task: Clear a CAM table entry
Command Syntax: clear mac address-table dynamic [address mac-address | interface type mod/num | vlan vlan-id]

Task: Set privileged level password
Command Syntax: enable password level 15 password

Task: View the CAM table
Command Syntax: show mac address-table dynamic [address mac-address | interface type mod/num | vlan vlan-id]

Task: View the CAM table size
Command Syntax: show mac address-table count

Task: View TCAM resource information
Command Syntax: show tcam counts

Q&A

The questions and scenarios in this book are more difficult than what you should experience on the actual exam. The questions do not attempt to cover more breadth or depth than the exam; however, they are designed to make sure that you know the answer. Rather than allowing you to derive the answers from clues hidden inside the questions themselves, the questions challenge your understanding and recall of the
subject. Hopefully, these questions will help limit the number of exam questions on which you narrow your choices to two options and then guess.

You can find the answers to these questions in Appendix A.

1. By default, how long are CAM table entries kept before they are aged out?
2. A TCAM lookup involves which values?
3. How many table lookups are required to find a MAC address in the CAM table?
4. How many table lookups are required to match a packet against an access list that has been compiled into 10 TCAM entries?
5. How many value patterns can a TCAM store for each mask?
6. Can all packets be switched in hardware by a multilayer switch?
7. Multilayer switches must rewrite which portions of an Ethernet frame?
8. If a station only receives Ethernet frames and doesn’t transmit anything, how will a switch learn of its location?
9. What is a TCAM’s main purpose?
10. Why do the TCAM mask and pattern fields consist of so many bits?
11. In a multilayer switch with a TCAM, a longer access list (more ACEs or statements) takes longer to process for each frame. True or false?
12. A multilayer switch receives a packet with a certain destination IP address. Suppose the switch has that IP address in its Layer forwarding table, but no corresponding Layer address. What happens to the packet next?
13. If a multilayer switch can’t support a protocol with CEF, it relies on fallback bridging. Can the switch still route that traffic?
14. To configure a static CAM table entry, the mac address-table static mac-address command is used. Which two other parameters must also be given?
15. As a network administrator, what aspects of a switch TCAM should you be concerned with?
16. What portion of the TCAM is used to evaluate port number comparisons in an access list?
17. Someone has asked you where the host with MAC address 00-10-20-30-40-50 is located. Assuming you already know the switch it is connected to, what command can you use to find it?
18. Complete this command to display the size of the CAM table: show mac
19. What protocol is used to advertise CAM table entries among neighboring switches?
20. Suppose a host uses one MAC address to send frames and another to receive them. In other words, one address will always be the source address sent in frames, and the other is only used as a destination address in incoming frames. Is it possible for that host to communicate with others through a Layer switch? If so, how?

This chapter covers the following topics that you need to master for the CCNP BCMSN exam:

- Switch Management—This section describes the software operating systems that are available on Cisco Catalyst switches, along with the command-line interface (CLI) that is used for configuration and troubleshooting. In addition, this section covers the basic Catalyst switch configuration and administration commands and techniques for interswitch communication.
- Switch File Management—This section explains the various files and file systems used in a Catalyst switch, along with the commands necessary to manage them.
- Troubleshooting from the Operating System—This section presents a brief overview of the commands that you can use to verify or troubleshoot basic switch operation.

Chapter 4: Switch Configuration

Chapter covered the topic of switch operation from the ground up. This chapter adds to that by reviewing the Catalyst operating systems—the mechanisms by which you can connect to a switch to configure and monitor how it works. Catalyst file systems are explained, along with the files needed to make a switch functional.

This chapter also covers the configuration steps for switch management. Management functions include the methods used to connect to a switch, and configuring switch identification, user authentication, inter-switch
communication, and file management. A brief overview of useful troubleshooting commands is also given.

“Do I Know This Already?” Quiz

The purpose of the “Do I Know This Already?” quiz is to help you decide if you need to read the entire chapter. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now.

The 12-question quiz, derived from the major sections in the “Foundation Topics” portion of the chapter, helps you determine how to spend your limited study time.

Table 4-1 outlines the major topics discussed in this chapter and the “Do I Know This Already?” quiz questions that correspond to those topics.

Table 4-1 “Do I Know This Already?” Foundation Topics Section-to-Question Mapping

Foundation Topics Section                    Questions Covered in This Section
Switch Management                            1-7
Switch File Management                       8-10
Troubleshooting from the Operating System    11-12

CAUTION: The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark this question wrong. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.

1. Which of the following is an operating system available on Cisco Catalyst 3550, 4500, and 6500 family switches?
    a. Catalyst OS
    b. IOS
    c. SNMP
    d. QoS
2. Which of the following is not a valid way to connect to a Catalyst switch?
    a. Telnet
    b. rsh
    c. async serial
    d. rlogin
3. Which user interface mode allows the greatest authority for making configuration changes?
    a. User EXEC mode
    b. Privileged EXEC (enable) mode
    c. Telnet mode
    d. Root mode
4. To configure a password for Telnet access to a switch, which one of the following must the password be applied to?
    a. interface vlan
    b. line
    c. line vty 15
    d. hostname
5. Which of the following is not required to set up Telnet access to a switch?
    a. Password on vty
    b. IP address
    c. Default gateway or route
    d. Enable password
6. Which protocol is used to exchange information between connected Cisco neighbors?
    a. SNMP
    b. VTP
    c. CDP
    d. STP
7. Cisco Discovery Protocol is sent over which OSI layer?
    a. Layer
    b. Layer
    c. Layer
    d. Layer
8. Which Catalyst file system contains the running IOS software image?
    a. Running-config
    b. RAM
    c. Flash
    d. NVRAM
9. Which command saves newly made configuration changes so they will be automatically used after the next switch reload?
    a. save all
    b. copy running-config flash:
    c. copy startup-config running-config
    d. copy running-config startup-config
10. If the erase flash: command is given, what is the next logical step?
    a. copy tftp: flash:
    b. copy running-config startup-config
    c. erase startup-config
    d. copy startup-config flash:
11. What command can you use to examine the Gigabit Ethernet 3/1 interface’s current configuration?
    a. show interface gigabitethernet 3/1
    b. show gigabit ethernet 3/1
    c. show startup-config interface gig 3/1
    d. show running-config int gig 3/1
12. What command can you use to view information received from a neighboring Cisco switch, including its version of IOS?
    a. show neighbors
    b. show cdp neighbors all
    c. show all neighbors
    d. show cdp neighbors detail

You can find the answers to the quiz in Appendix A, “Answers to Chapter ‘Do I Know This Already?’ Quizzes, and Q&A Sections.” The suggested choices for your next step are as follows:

- or less overall score—Read the entire chapter. This section includes the “Foundation Topics,” “Foundation Summary,” and “Q&A” sections.
- 8–10 overall score—Begin with the “Foundation Summary” section and then go to the “Q&A” section at the end of the chapter.
- 11 or more overall score—If you want more review on these topics, skip to the “Foundation Summary” section and then go to the “Q&A” section at the end of the chapter. Otherwise, move to Chapter 5, “Switch Port Configuration.”

Foundation Topics

Switch Management

Managing a Catalyst switch can be broken up into several topics. A switch runs an operating system, which provides a user interface and controls all processes that are used to forward packets. The following sections address all these topics.

Operating Systems

You can configure Cisco Catalyst switch devices to support many different requirements and features. When a PC is connected to the serial console port, configuration is generally done with a terminal emulator application on the PC. You can perform further configurations through a Telnet session across the LAN or through a web-based interface. These topics are covered in later sections.

Catalyst switches support one of two operating systems, each having a different type of user interface for configuration:

- Cisco IOS Software—The user interface is identical to that of Cisco routers, having an EXEC mode for session and monitoring commands, and a hierarchical configuration mode for switch configuration commands. Cisco IOS Software is supported on the Catalyst 2950, 3550, 4500 (with Supervisors III and IV), and 6500 (with Supervisor II and MSFC “Supervisor
IOS,” and Supervisor 720). This operating system can support Layer 2-only switching or Layer 3, depending on the software license.
- Catalyst OS (CatOS or COS, also called XDI)—This user interface allows session and monitoring commands to be intermingled with set-based (using the set and clear commands) configuration commands. CatOS is supported on switch families such as the Catalyst 4000 (Supervisor I or II), Catalyst 5000, and Catalyst 6500 (any Supervisor module). This operating system can support only Layer switching.

NOTE: The Catalyst OS is mentioned here only for comparison. It is not covered in detail in the BCMSN 2.0 course; therefore, it is not covered in this text. For more information about Catalyst OS comparisons and side-by-side configuration commands, refer to these sources:

- Cisco Field Manual: Catalyst Switch Configuration by David Hucaby and Steve McQuerry, Cisco Press, ISBN 1-58705-043-9
- Comparison of the Cisco Catalyst and Cisco IOS Operating Systems for the Cisco Catalyst 6500 Series Switch at www.cisco.com/en/US/customer/products/hw/switches/ps708/products_white_paper09186a00800c8441.shtml

Generally speaking, you are provided with an interface where you can issue commands, such as show, to display many different types of information about the switch, its configuration, and dynamic operation. This is called the User EXEC mode. Users are given access to various commands according to their privilege level, ranging from Level through 15. By default, a user is given Level. To make any configuration changes, a user must enter a higher level, such as Level 15, through the enable command.

When in the privileged EXEC or enable mode, you can make configuration changes using the config command. Configuration is performed in layers, starting with the global configuration. Each time you select a specific item to configure in global configuration mode, you are moved into that
respective configuration mode.

The switch prompt changes to give you a clue about your current mode. For example, normal or user EXEC mode is generally shown with the name of the switch followed by a greater than (>) character. Privileged EXEC (enable) mode replaces the > with a hash or pound sign (#). Global configuration is shown as the switch name followed by (config). If you select an interface to configure, you enter interface configuration mode, signified by (config-if).

Basically, if you are familiar with router EXEC and configuration commands and the IOS user interface, you will be right at home working with the Catalyst IOS Software.

Identifying the Switch

All switches come from the factory with a default configuration and a default system name or prompt. You can change this name so that each switch in a campus network has a unique identity. This option is useful when you are using Telnet to move from switch to switch in a network.

To change the host or system name, enter the following command in configuration mode:

  Switch(config)# hostname hostname

The host name is a string of to 255 alphanumeric characters. As soon as this command is executed, the system prompt changes to reflect the new host name.

NOTE: Configuration changes made on IOS-based switches apply only to the active running configuration, stored in RAM. To make the changes permanent, in effect even after a power cycle, remember to copy the switch configuration into the startup configuration, stored in NVRAM. This is discussed in the “Switch File Management” section of this chapter.

Passwords and User Access

Normally, a network device should be configured to secure it from unauthorized access. Catalyst switches offer a simple form of security by setting passwords to restrict who can log in to the user interface. Two levels of user access are available: regular login, or user EXEC mode, and enable login, or privileged EXEC mode. User
EXEC mode is the first level of access, which gives access to the basic user interface through any line or the console port. The privileged EXEC mode requires a second password and gives access to set or change switch operating parameters or configurations.

Cisco offers various methods for providing device security and user authentication. Many of these methods are more secure and robust than using the login passwords. Chapter 19, “Securing Switch Access,” describes these features in greater detail.

To set the login passwords for user EXEC mode, enter the following commands in global configuration mode:

  Switch(config)# line con 0
  Switch(config-line)# password password
  Switch(config-line)# login
  Switch(config)# line vty 0 15
  Switch(config-line)# password password
  Switch(config-line)# login
  Switch(config)# enable secret enable-password

Here, the user EXEC mode password is set on the console (line con 0) and on all the virtual terminal (line vty 0 15) lines used for Telnet access. The enable mode password (enable secret), which is automatically encrypted when set, is a global value for all users. The user EXEC password is a string of to 80 alphanumeric characters. The enable secret password is a string of to 25 alphanumeric characters. All passwords are case-sensitive.

You can change the passwords by reconfiguring the passwords with different strings. To completely remove a password, use the no password or no enable secret command in the appropriate line configuration mode.

Password Recovery

After the EXEC and enable passwords are configured, there is always a chance that you could forget them. You might also inherit a switch that has its passwords set to unknown values. In this case, you must take the switch through a password recovery procedure. The procedure varies among the different Catalyst switch families. Refer to the following documents:

- Catalyst 2950 and
3550—www.cisco.com/warp/public/474/pswdrec_2900xl.html
- Catalyst 4000 and 4500 (Supervisor III and IV)—www.cisco.com/warp/public/474/pswdrec_cat4000_supiii_21229.html
- Catalyst 6500 (Supervisor IOS)—www.cisco.com/warp/public/474/pswdrec_6000IOS.html

For a complete list of password recovery procedures for any model of Cisco equipment, refer to the handy Password Recovery Procedures technical tip at www.cisco.com/warp/public/474/

TIP: Although password recovery is not explicitly covered in the BCMSN course (nor likely in the CCNP BCMSN exam), you should be aware of the concepts needed to regain access to a switch.

Remote Access

By default, the switch allows user access only via the console port. To use Telnet to access a switch from within the campus network, to use ping to test a switch’s reachability, or to monitor a switch by SNMP, you must configure for remote access.

Even if a switch operates at Layer 2, the switch supervisor processor must maintain an IP stack at Layer for administrative purposes. An IP address and subnet mask can then be assigned to the switch so that remote communications with the switch supervisor are possible.

By default, all ports on a switch are assigned to the same virtual LAN (VLAN) or broadcast domain. The switch supervisor and its IP stack must be assigned to a VLAN before remote Telnet and ping sessions will be supported. VLANs are discussed further in Chapter 6, “VLANs and Trunks.”

You can assign an IP address to the management VLAN (default is VLAN 1) with the following commands in global configuration mode:

  Switch(config)# interface vlan vlan-id
  Switch(config-if)# ip address ip-address netmask
  Switch(config-if)# ip default-gateway ip-address
  Switch(config-if)# no shutdown

As demonstrated by the preceding command syntax, an IP address and subnet mask are assigned to the VLAN “interface,” which is really the switch supervisor’s IP stack listening on VLAN number vlan-id. Any VLAN number can be used, as long as the VLAN has been defined and
is active (in use on a physical switch interface).

To send packets off that local VLAN subnet, a default gateway IP address must also be assigned. This default gateway has nothing to do with processing packets that are passed through the switch; rather, the default gateway is used only to forward traffic between a user and the switch supervisor for management purposes. (This concept can be greatly expanded on a Layer switch, which can perform its own “routing” functions and can use dynamic routing protocols.)

Inter-Switch Communication—Cisco Discovery Protocol

Because switch devices are usually interconnected, management is usually simplified if the switches can communicate on some level to become aware of each other. Cisco has implemented protocols on its devices so that neighboring Cisco equipment can be found and identified.

Cisco uses a proprietary protocol on both switches and routers to discover neighboring devices. You can enable the Cisco Discovery Protocol (CDP) on interfaces to periodically advertise the existence of a device and exchange basic information with directly connected neighbors. The information exchanged in CDP messages includes the device type, software version, links between devices, and the number of ports within each device.

By default, CDP runs on each port of a Catalyst switch, and CDP advertisements occur every 60 seconds. CDP communication occurs at the data link layer so that it is independent of any network layer protocol that might be running on a network segment. This means that CDP can be sent and received using only Layer functionality. CDP frames are sent as multicasts, using a destination MAC address of 01:00:0c:cc:cc:cc.

Cisco Catalyst switches regard the CDP address as a special address designating a multicast frame that should not be forwarded. Instead, CDP multicast frames are redirected to the switch’s management port and are processed by the switch
supervisor alone Cisco switches become aware only of other directly connected Cisco devices CDP is enabled by default on all switch interfaces To manually enable or disable CDP on an interface, use the following interface configuration command: n Switch(config-if)# [no] cdp enable If a switch port connects to a non-Cisco device or to a network outside your administrative control, consider disabling CDP on that port Add the no keyword to disable CDP Switch File Management A Catalyst switch uses several types of files while it is operating To manage a switch, you should understand what type of file is used for what purpose, how to move these files around, and how to upgrade them 1-58720-077-5.book Page 92 Tuesday, August 19, 2003 3:16 PM 92 Chapter 4: Switch Configuration The following files are typically used in a Catalyst switch: I IOS image files—The software or code that the switch CPU executes Image files are compiled and tailored for specific switch hardware models I Configuration files—Text files containing all configuration commands needed to operate a switch in a network All Catalyst files can be stored in various file systems so they can be accessed and used by the switch hardware Files can also be stored in file systems external to the switch, either as backup copies or as downloadable upgrades The typical file systems available to a Catalyst switch are as follows: I Flash memory—Nonvolatile memory present in the switch; files stored here remain intact even after a power cycle I Network servers—Systems apart from the switch that are connected to the network and provide TFTP, FTP, or remote copy program (rcp) file transfer services I NVRAM—Nonvolatile memory that contains the switch configuration used during bootup On many switches, the NVRAM file system is actually emulated in Flash memory I RAM—Volatile memory available to the switch for a variety of purposes The switch configuration used during runtime and altered by configuration commands is stored here 
OS Image Files The Catalyst IOS Software is packaged as an IOS image file, just as it is for routers IOS image files are stored in the Flash memory on a switch Only one image file can be executed while the switch is running, but more than one image file can be stored on the switch Switches such as the Catalyst 2950 and 3550 have one Flash area where images are stored This is always named flash: Larger, more modular switches can have several Flash file systems For example, a Catalyst 4500 has one named cat4000_flash: that contains the VLAN database file and another called bootflash: that contains the IOS image and bootstrap image files Flash memory can also be present in the form of a PCMCIA card, so stored files can be swapped out by replacing the Flash card These cards are named slot0:, slot1:, and so on You can copy IOS image files from one file system to another or to an external location This allows an image file to be backed up in case of a switch failure Image files can also be copied into the switch Flash file system so that the software version can be upgraded ... port 22 22. 222 2 .22 22: port 3333.3333.3333: port 4444.4444.4444: port 2 Transparent Bridge Broadcast: all ports Multiport Bridge Forwarding Table 1111.1111.1111: port 22 22. 222 2 .22 22: port 3333.3333.3333:... port 8888.8888.8888: port Broadcast: all ports 10 11 VLAN X 12 13 14 Forwarding Table 1111.1111.1111: port 11, vlan X 22 22. 222 2 .22 22: port 6, vlan Y 3333.3333.3333: port 1, vlan X 4444.4444.4444:... Flooding Packet to 0000.aaaa.aaaa Forwarding Table 0000.aaaa.aaaa ? 1111.1111.1111: port 22 22. 222 2 .22 22: port 3333.3333.3333: port 4444.4444.4444: port 5555.5555.5555: port 6666.6666.6666: port
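The CDP guidance earlier in this excerpt (CDP is on by default, and should be turned off with no cdp enable on ports that face non-Cisco devices or networks outside your control) can be checked against a saved configuration. The following Python script is an added example, not from the book: the sample configuration, the UNTRUSTED description tag, and the function names are assumptions made for illustration, and no cdp run is the global IOS command that disables CDP on the whole switch.

```python
import re

# Constructed sample config (not from the book). The "UNTRUSTED" description
# tag is a hypothetical convention for ports outside your administrative control.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 description user access port
!
interface FastEthernet0/2
 description UNTRUSTED link to partner network
!
interface FastEthernet0/3
 description UNTRUSTED third-party printer
 no cdp enable
!
interface FastEthernet0/4
 description UNTRUSTED spare drop
 shutdown
!
"""

def parse_interfaces(config):
    """Return (cdp_globally_on, {interface name: [stanza lines]})."""
    cdp_global, stanzas, current = True, {}, None
    for line in config.splitlines():
        m = re.match(r"interface\s+(\S+)", line)
        if m:
            current = stanzas.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None                     # left the interface stanza
            if line.strip() == "no cdp run":   # global command: CDP off everywhere
                cdp_global = False
    return cdp_global, stanzas

def untrusted_ports_running_cdp(config, tag="UNTRUSTED"):
    """Tagged, active ports where CDP is on (the default when unconfigured)."""
    cdp_global, stanzas = parse_interfaces(config)
    findings = []
    for name, lines in stanzas.items():
        tagged = any(l.startswith("description") and tag in l for l in lines)
        cdp_on = cdp_global and "no cdp enable" not in lines
        if tagged and cdp_on and "shutdown" not in lines:
            findings.append(name)
    return findings

if __name__ == "__main__":
    print(untrusted_ports_running_cdp(SAMPLE_CONFIG))
```

Because CDP is enabled unless the configuration says otherwise, the audit treats a missing no cdp enable line as a finding rather than as a pass.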

Date posted: 14/08/2014, 04:21
